Effective: 19 November 2021

Alliants Limited Privacy Notice

Purpose of this Privacy Notice

The purpose of this privacy notice is to explain what Personal Data we collect about you, how we use it, who we share it with, how long we keep it and what your rights are in relation to that Personal Data.

Please read this privacy notice carefully as it provides important information about how we handle your Personal Data and your rights. If you have any questions about any aspect of this privacy notice you can contact us using the information provided below under ‘How to contact us’.

Please revisit this privacy notice regularly, as we may change the content to reflect how we deliver our products and services. We last updated this privacy notice on the date shown above.

Definitions

Capitalised words in this privacy notice have the meanings given below.

AXP means Alliants Experience Platform, an Application (App), which includes a web platform and a mobile platform.

Business Associate means a representative of an existing, former or potential client of ours.

CCPA means California Consumer Privacy Act.

Consulting Services means the services we provide to our clients, including Customer Experience, Data and Analytics, Software Development and Technology Consulting. 

Controller is defined in the UK GDPR and the EU GDPR and means the natural person or legal entity that decides the means and purposes for processing the Personal Data.

DPA 2018 means the Data Protection Act 2018.

Entrusted Party is defined in the PIPL and means the legal entity or natural person that processes Personal Data on behalf of and in accordance with instructions from a Controller in accordance with the PIPL.

EU GDPR means the EU General Data Protection Regulation.

ICO means the Information Commissioner’s Office, the supervisory authority in the United Kingdom.

LTAs means Luxury Travel Agencies, which are our clients.

PA means Australia’s Privacy Act.

Personal Data is defined in the UK GDPR and the EU GDPR and means any information from which you can be identified, either directly or indirectly. For example, your name or an online identifier. 

Personal Information Processing Entity is defined in the PIPL and means the legal entity or natural person that determines the means and purposes for processing the Personal Data.

PIPEDA means Canada’s Personal Information Protection and Electronic Documents Act.

PIPL means China’s Personal Information Protection Law.

Property and Properties means hotel(s) and residency(ies), which are our clients.

Processor is defined in the UK GDPR and the EU GDPR and means the natural person or legal entity that processes Personal Data on behalf of the Controller. 

Product means the Alliants Experience Platform (AXP) App, which is a messaging platform we provide to our clients including Properties, Luxury Travel Agencies and logistics service providers.

UK GDPR means the UK General Data Protection Regulation.

Users means users of our AXP App, for example the staff of the clients we have provided the AXP App to and the guests at Properties and users of Luxury Travel Agencies.

Who we are and what we do

Who we are

We are Alliants Limited (“Alliants”, “us”, “we”, “our”). We are a limited company registered in England and Wales under registration number 6868886 and we have our registered office at Fryern House, 125 Winchester Road, Chandlers Ford, SO53 2DR. We are registered with the UK supervisory authority, ICO, in relation to our processing of Personal Data under registration number Z2906616.

What we do

We provide our Consulting Services to a wide range of organisations across numerous industries, including the hospitality sector, education and retail.

We provide our AXP App to various businesses including Properties, LTAs and logistics service providers, enabling them to deliver exceptional experiences to their customers. For example, Properties use the AXP App as a concierge and messaging service to enable their employees to easily and efficiently communicate with each other and with their guests. LTAs use the AXP App to connect with their customers and create a perfect travel itinerary for them.

Controllers and Processors

We are the Controller of the Personal Data we collect for our own purposes and we are a Processor in respect of the Personal Data we process on behalf of our Controller clients, such as Properties, LTAs and logistics service providers. The terms Controller and Processor are defined in the UK GDPR and the EU GDPR and in our definitions section above.

We are a Processor of your Personal Data if you are a User of the AXP App and the Controllers are the Properties, LTAs or logistics service providers etc you have engaged with.   The Controllers decide how your Personal Data is processed, not Us. Please contact them for further details in relation to this.

That said, if you are a Business Associate, as well as a User of the AXP App because, for example, you are an employee of a Property, a LTA or logistics service provider, we will be the Controller in respect of your contact information. For further information see the section entitled ‘Personal Data we collect’, and the table within the section entitled ‘Purposes, retention periods and lawful bases’.

For everyone else mentioned in this Privacy Notice, we are the Controller.

Who this Privacy Notice applies to

This Privacy Notice applies to you if:

  • You visit our website
  • We send our newsletters to you or otherwise contact you to promote our products and/or services
  • You enquire about our products and/or services or request a demo
  • You are a Business Associate of ours
  • You are a User of the AXP App.

Security of your Personal Data

All Personal Data that we hold about you will be stored and processed securely by us. We are committed to protecting the privacy and security of the Personal Data we process about you and will comply with the UK GDPR, the EU GDPR, the DPA 2018, the PIPL, the CCPA, the PIPEDA and any other applicable data protection legislation.

We have implemented appropriate technical and organisational measures to safeguard your Personal Data and protect it from accidental or unlawful destruction, loss or alteration and from unauthorised disclosure or access.

Further, we have put in place procedures to deal with any Personal Data breach and will notify you and the relevant supervisory authority where we are legally required to do so.

For the security measures of the third-party providers we engage, we refer you to the links shown above under ‘Sharing your Personal Data’.

Personal Data we collect

The type of Personal Data we collect about you will depend on our relationship with you.

Website Visitors and Users of Social Media

If you visit our website, we will collect information about your engagement with us online via our cookies and similar technologies such as your IP address and geographical location. See our cookie policy for more information on our use of cookies and similar technologies.  

Social Media Widgets

Our website includes social media features such as the Facebook and LinkedIn “Like” buttons and might include widgets such as the ‘share’ button or other interactive mini-programs. These features may collect your IP address, which page(s) you are visiting on our website and may set a cookie to enable the specific feature to function properly. These social media features are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing it.

Analytics

If you consent, we may also collect information about you using cookies. For example, we may use Google Analytics and Google Analytics Demographics to collect information regarding visitor behaviour and visitor demographics on some of our services, and to develop website content.

See our cookie policy for more information on our use of cookies and similar technologies.

Business Associates etc

If you enquire about our products and/or services, request a demo and/or are a Business Associate of ours we will collect your contact details such as your name, job title, name of the company you work for, work email address, work phone number and information about which products and/or services you are interested in.
If we send our newsletters to you or otherwise contact you to promote our products and/or services, we will collect your contact details such as your name, job title, the name of the company you work for, work email address and work phone number. We will also collect information relating to whether or not you have opened our emails and clicked on links provided. We use Pardot for this. (See the section below on email marketing for further details and see our cookie policy for more information on our use of cookies and similar technologies.)

Users of the AXP App

If you are a User of our AXP App, we will collect information as follows:

Information you provide directly to us

When you engage in certain activities, such as registering, requesting services, or contacting us directly, we may ask you to provide some or all of the following types of information:

  • Contact information, such as full name, address, email address, mobile phone number and, in some cases, another type of unique identifier;
  • Reservation information, such as confirmation number, room number, arrival date and departure date;
  • Demographic information, such as your gender, date of birth and details about your personal preferences;
  • Payment information, such as credit card number, expiration date, and credit card security code where needed to complete a transaction;
  • Requests and other correspondence you send to us;
  • Username and password you choose for using the AXP App.

You may choose not to provide information to us directly. However, some of this information is needed for you to use certain functions of the AXP App such as registering or requesting services from Properties, LTAs and logistics service providers. Please do not enter private or sensitive information into the AXP App which is not required.

Analytics in the AXP App

If you consent, we may collect certain information automatically through your use of the AXP App, such as:

  • Location information as provided by your device or browser, such as your device's GPS signal or information about nearby WiFi access points;
  • Your Internet Protocol (IP) address, cookie identifiers, mobile advertising identifiers, and other device identifiers that are automatically assigned to your computer or device when you access the Internet;
  • Information about your device such as browser type, operating system, and Internet service provider; and
  • Information about your visit to our web platform such as pages that you visit before and after using the AXP App, the date and time of your visit, the amount of time you spend on each page, information about the links you click and pages you view within the AXP App, and other actions taken through use of the AXP App. We use WalkMe for this. See our cookie policy for more information on our use of cookies and similar technologies.

Information we obtain from other sources

Our clients that use the AXP App, send us User information regarding communications, requests, maintenance, and other service delivery. We may also obtain information about you from other third-party services and organisations to enhance your experience. Additionally, Properties may use additional technologies such as in-room entertainment to send to us service requests, which may contain Personal Data.

Other

We will also collect any other information you provide to us.

Email marketing and e-newsletters

We send e-newsletters and marketing emails to people who have opted in to receive these communications. We also send them to Business Associates who have shown an interest in our products and services and to organisations we consider may be interested in what we can offer.  You can opt-out at any time as we provide an unsubscribe button in every communication.

We gather statistics around email opening and clicks using industry standard technologies including single pixel gifs to help us monitor and improve our e-newsletters and email marketing. We use Pardot for this. (See our cookie policy for more information on our use of cookies and similar technologies.

How we collect your Personal Data

We collect your Personal Data directly from you when you:

  • visit our website: alliants.com
  • use our AXP App
  • use our Consulting Services
  • engage with us as a Business Associate
  • sign up to our newsletters
  • enquire about our products and/or services or request a demo.

We may also collect your Personal Data by telephone, at trade fairs, through project work and from social media platforms such as LinkedIn and from bought in lists.

Purposes, retention periods and lawful bases

We will keep your Personal Data in accordance with the retention periods set out in the table below, following which we will permanently and securely destroy it.

We will only use your Personal Data when the law allows. Most commonly, we will use your personal information in the following circumstances:

Type of individual

Type of personal data

Purpose of processing

Lawful basis

Retention period

Type of individual

Users of the AXP App
(who are customers of a Property or LTA)

Type of personal data

Personal Data such as full name, address, email address, mobile phone number and, in some cases, another type of unique identifier

Reservation information, such as confirmation number, room number, arrival date and departure date

Request Information such as booking reference, confirmation number

Purpose of processing

To provide customized content and make recommendations that would improve your experience with the Property or LTA. This includes, for example, preselecting the Property you are visiting when you open the AXP App based on the information you have provided.

Lawful basis

Legitimate interests

Retention period

1 month from the date our contract with the Property or LTA is terminated, unless otherwise agreed with a Property or LTA

Type of individual

Users of the AXP App
(who are customers of a Property or LTA)

Type of personal data

Personal Data such as full name, address, email address, mobile phone number and, in some cases, another type of unique identifier

Reservation information, such as confirmation number, room number, arrival date and departure date

Request Information such as booking reference, confirmation number

Purpose of processing

To send you content and communications that you have requested or which are necessary for fulfilling our contractual obligations with our client Properties or LTA.

Lawful basis

Legitimate interests

Retention period

1 month from the date our contract with the Property or LTS is terminated, unless otherwise agreed with a Property or LTA

Type of individual

Users of the AXP App
(who are employees of a Property, LTA or logistics service providers)

Type of personal data

First name, last name, email, job title, in some cases, another type of unique identifier

Purpose of processing

To send you content and communications that you have requested or which are necessary for fulfilling our contractual obligations with our client Properties, LTA or logistics service providers.

Lawful basis

Legitimate interests

Retention period

1 month from the date our contract is terminated with the Property, LTA or logistics service provider,  unless otherwise agreed with a Property, LTA or logistics service provider

Type of individual

Users of the AXP App
(who are customers of a client Property or LTA)

Type of personal data

Payment data, payment token, billing address, card holder name, email address, phone number

Purpose of processing

In order to process payments for products and services.

Lawful basis

Contract

Retention period

1 month from the date our contract with the Property or LTA is terminated, unless otherwise agreed with a Property or LTA

Type of individual

Users of the AXP App
(who are customers of a client Property or LTA)

Type of personal data

Personal Data such as full name, address, email address, mobile phone number and, in some cases, another type of unique identifier

Reservation information, such as confirmation number, room number, arrival date and departure date

Request Information such as booking reference and confirmation number

Purpose of processing

For any other activities that are necessary to support our contractual obligations to our client Property, LTA or logistics services provider.

Lawful basis

Legitimate interests

Retention period

1 month from the date our contract with the Property or LTA is terminated, unless otherwise agreed with a Property or LTA

Type of individual

Users of the AXP App
(who are employees of our client Property or LTA or logistics service providers)

Type of personal data

First name, last name, company name, job title, work email address, work phone number, profile picture and in some cases, another type of unique identifier

Purpose of processing

To enable you to communicate with your employer’s customers.

Lawful basis

Legitimate interests

Retention period

1 month from the date our contract with the Property, LTA or logistics service provider is terminated unless otherwise agreed with a Property or LTA

Type of individual

Users of the AXP App
(who are employees of our client Property or LTA or logistics service providers)

Type of personal data

First name, last name, company name, job title, work email address, work phone number, profile picture and in some cases, another type of unique identifier

Purpose of processing

For any other activities that are necessary to support our contractual obligations with our client Property, LTA or logistics services providers.

Lawful basis

Legitimate interests

Retention period

1 month from the date our contract with the Property, LTA or logistics service provider is terminated, unless otherwise agreed with a Property,  LTA or logistics service provider

Type of individual

Users of the AXP App
(who are employees of our client Property or LTA or logistics service providers)

Type of personal data

First name, last name, company name, job title, work email address, work phone number and in some cases, another type of unique identifier

Purpose of processing

To provide you with materials about offers, products, and services offered by us, including new content or services.

Lawful basis

Legitimate interests

Retention period

1 month from the date our contract with the Property, LTA or logistics service provider is terminated, unless otherwise agreed with a Property, LTA or logistics service provider

Type of individual

Users of the AXP App
(who are employees of our client Property or LTA or logistics service providers)

Type of personal data

First name, last name, company name, job title, work email address, work phone number and in some cases, another type of unique identifier

Purpose of processing

To send you content and communications that you have requested or which are necessary for fulfilling our contractual obligations with our client Property, LTA or logistics services providers.

Lawful basis

Legitimate interests

Retention period

1 month from the date our contract with the Property, LTA or logistics service provider is terminated, unless otherwise agreed with a Property, LTA or logistics service provider

Type of individual

Business Associates 

Type of personal data

First name, last name, job title (if provided), company name, work email address and/or work phone number and reason for contacting us

Purpose of processing

To answer your query/enquiry.

Lawful basis

Legitimate interests

Retention period

2 years from the date of last meaningful contact 

Type of individual

Business Associates 

Type of personal data

First name, last name, job title (if provided), work email address and company name

Purpose of processing

To book and deliver a demo at your request.

Lawful basis

Legitimate interests

Retention period

2 years from the date of last meaningful contact

Type of individual

Business Associates 

Type of personal data

First name, last name, job title, company name, work email address and/or work phone number

Purpose of processing

To administer the contract for our client contract.

Lawful basis

Legitimate interests

Retention period

6 years from the date the contract with your employer / our client is terminated

Type of individual

Business Associates 

Type of personal data

First name, last name, company name, work email address

Purpose of processing

To send you newsletters and/or other marketing material.

Lawful basis

Legitimate interests

Retention period

3 years from the date of last meaningful contact

Type of individual

Business Associates 

Type of personal data

First name, last name, job title, company name, work email address and/or work phone number

Purpose of processing

Conduct surveys, research and evaluations.

Lawful basis

Legitimate interests or consent where required

Retention period

3 years from the date of last meaningful contact

Type of individual

Business Associates 

Type of personal data

First name, last name, job title, company name, work email address and/or work phone number

Purpose of processing

By submitting your details via 3rd party advertising platforms, we will send you content and communications that you have requested or which are necessary for fulfilling our contractual obligations to our client

Lawful basis

Legitimate interests

Retention period

3 years from date of last meaningful contact

Type of individual

Website visitors

Type of personal data

Using Google Analytics tracking code, we collect the following information.

ClientID, UserID, IP address, Time of visit, pages visited, time spent on each webpage, referring site details (URL), Type of web browser, Type of operating system (OS), Flash version, JavaScript support, screen resolution, screen colour processing ability, Network location, document downloads, clicks on links leading to external websites, errors from forms, clicks on videos, scroll depth, interactions with site-specific widgets. Age, gender and interest categories.

Purpose of processing

Analyse your use of our website to improve your experience and develop new services.

Lawful basis

Consent

Retention period

Varies per cookie. See https://www.alliants.com/policies/cookie-declaration

Type of individual

Website visitors

Type of personal data

First name, last name, job title, company name, work email address and/or work phone number

Purpose of processing

By submitting your details via our website forms, we will send you content and communications that you have requested or which are necessary for fulfilling our contractual obligations to our client

Lawful basis

Legitimate interests

Retention period

3 years from the date of last meaningful contact

Type of individual

Website visitors

Type of personal data

First name, last name, job title, company name, work email address and/or work phone number

Purpose of processing

Conduct surveys, research and evaluations.

Lawful basis

Legitimate interests or consent where required

Retention period

3 years from the date of last meaningful contact

Type of individual

Website visitors

Type of personal data

Using Google Analytics tracking data, we collect the following information.

ClientID, UserID, IP address, Time of visit, pages visited, time spent on each webpage, referring site details (URL), Type of web browser, Type of operating system (OS), Flash version, JavaScript support, screen resolution, screen colour processing ability, Network location, document downloads, clicks on links leading to external websites, errors from forms, clicks on videos, scroll depth, interactions with site-specific widgets. Age, gender and interest categories.

Purpose of processing

We may use your Personal Data to create anonymised information and aggregated information, such as de-identified demographic information, de-identified location information, information about the computer or device from which you access the services, or other analyses, for a number of purposes, including the measurement of website visitors’ interest in and use of various portions or features of the website. Anonymised or aggregated information is not Personal Data, and we may use such information in a number of ways, including research, internal analysis, analytics and any other legally permissible purposes.

Lawful basis

Consent

Retention period

Varies per cookie. See https://www.alliants.com/policies/cookie-declaration

Type of individual

Any of the individuals referred to above

Type of personal data

First name, last name, job title, company name, work email address and/or work phone number

Purpose of processing

For audit and reporting purposes, including internal and external investigations.

Lawful basis

Legal obligation

Retention period

7 years from date of last financial year

Type of individual

Any of the individuals referred to above

Type of personal data

First name, last name, job title, company name, work email address and/or work phone number. Date of birth, gender, National Insurance number, marital status, home address, bank account details.

Purpose of processing

To perform accounting and administrative tasks.

Lawful basis

Legal obligation

Retention period

7 years from date of last financial year

Type of individual

Any of the individuals referred to above

Type of personal data

First name, last name, job title, company name, work email address and/or work phone number.

Purpose of processing

To respond to requests for information by competent public bodies and judicial authorities.

Lawful basis

Legal obligation

Retention period

For as long as is necessary

Type of individual

Any of the individuals referred to above

Type of personal data

First name, last name, job title, company name, work email address and/or work phone number

Purpose of processing

To enforce or manage legal claims.

Lawful basis

Legal obligation

Retention period

For as long as is necessary

Sharing your Personal Data

Marketing

In order to deliver our e-newsletters and email campaigns, we use third-party providers, namely:
Pardot and Salesforce

We also use these providers to send updates about our products to registered Users of our products.

We will ensure that we have entered into data processing agreements with the service providers which means that they can only process your Personal Data in accordance with our instructions and the applicable data protection legislation and they will not be able to use it for their own purposes.

Authorized Third-Party Vendors and Service Providers

We may share Personal Data with third-party vendors and service providers (including sub-processors) that provide business services to us or on our behalf, such as IT services, hosting services, payment processing services. Payment information will be used and shared only to effectuate your order and may be stored by a service provider for purposes of future orders. We prohibit our service providers from using or sharing your Personal Data except as necessary to perform the contracted services on our behalf or to comply with applicable legal requirements.

As mentioned above, we use Google Analytics. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners. You can opt out of Google’s collection and processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout.

We also use WalkMe on our AXP App for the purposes of analytics. Please see our cookie policy for more information on our use of cookies and similar technologies.

Properties and LTA

If you are a customer of a Property or LTA, we will share your Personal Data with the Property or LTA  you visit/use. We do not control the privacy practices of these Properties and their information practices are not covered by this Privacy Notice. We recommend that you refer to the Privacy Notice for each Property and LTA that you visit/use.

Legal Purposes

We may disclose Personal Data to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, and to prevent fraud and to protect and defend the rights, interests, safety, and security of us, our users, or the public.

Anonymous and Aggregated Information

We may share anonymous or aggregated information within Alliants and with third parties for our or their purposes in an anonymized or aggregated form that is designed to prevent anyone from identifying you.

International transfers

The Personal Data we collect from you when you visit our website or AXP App, make a purchase from us, enquire about our products and/or services, request a demo or sign up to receive our newsletters may be processed outside of the UK. This is because the service providers we use to provide these functions are based outside the UK.

We have taken appropriate steps to ensure that the personal data processed outside the UK has an essentially equivalent level of protection as it has within the UK. We do this by ensuring that:

  • Your Personal Data is only processed in a country which the Secretary of State has confirmed has an adequate level of protection (an adequacy regulation) or
  • We enter into Standard Contractual Clauses (SCCs) with the providers and ensure that supplementary measures are also applied, where necessary. See European Commission: Model contracts for the transfer of Personal Data to third countries.

Your rights

You have certain rights in relation to the processing of your Personal Data. These rights will vary depending on where you are located.

If you are in the UK or the EU

If you reside in the UK or the EU you have the following rights:

  • Request access to your Personal Data (commonly known as a “Subject Access Request”). This enables you to receive a copy of the Personal Data we hold about you.
  • Request rectification of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).
  • Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. If you object to us using your Personal Data for marketing purposes, we will stop sending you marketing material. 
  • Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your Personal Data to another party (data portability).
  • Automated decision-making. You have the right not to be subject to a decision based solely on automated processing which will significantly affect you. We do not use automated decision-making.

Right to withdraw consent

If you have provided your consent to the processing of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we are permitted by law.

How to exercise your rights

If you wish to exercise your rights, please email VP Data and Support on email support@alliants.com.

You will not usually need to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity before we can process a request from you to exercise any of the above rights. This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

If you are in California

California Consumer Privacy Act (“CCPA”)

The CCPA provides California residents certain rights related to their Personal Data. You have the right to:

  • know what Personal Data we collect about you;
  • request a copy of the Personal Data we have about you;
  • require that we delete your Personal Data;
  • know whether we sell your Personal Data and whether we disclose your data to anyone;
  • object to the sale of your Personal Data; and
  • not be discriminated against because you exercised your rights under the CCPA.

We do not sell or disclose your Personal Data for monetary gain or any valuable consideration. We do not use the Personal Data collected by our clients about you for our own purposes. We provide operations software to our clients and they use your Personal Data to provide services to you.

The Personal Data we collect about you is set out above under ‘Personal Data we collect’.

If you are in China

Personal Information Protection Law (“PIPL”)

If you reside in the People’s Republic of China, you have the following rights:

  • You have the right to know and decide upon Personal Data Processing.
  • You have the right of access to your Personal Data and can request copies of it and information about our processing of it.
  • If the Personal Data we hold about you is incorrect or incomplete, you can ask us to rectify or add to it.
  • You have the right to request that your Personal Data is deleted, in certain circumstances.
  • You have the right to object and have the right to restrict the use of your Personal Data in certain circumstances. 
  • You have the right not to be subject to a decision based solely on automated processing.
  • You have the right to portability, subject to conditions stipulated by the Cyberspace Administration of China
  • Where we are processing your Personal Data with your consent you can withdraw your consent at any time. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of the Service.
  • You have the right to ask Entrusted Parties to explain their processing rules on data subjects’ requests.
  • The close relatives of a deceased data subject also have certain rights.
  • You can also raise a complaint with the data protection supervisory authority in the country in which you reside. 

If you are in Canada

Personal Information Protection and Electronic Documents Act (“PIPEDA”)

If you reside in Canada, you have the following rights:

  • You have the right to access your Personal Data (subject to limited exceptions)
  • You have the right to correct inaccuracies in/update your Personal Data.
  • You have the right to withdraw consent in certain circumstances.

If you are in Australia

Privacy Act

If you reside in Australia, you have the following rights:

  • You have the right to request access to your Personal Data
  • You have the right to correct inaccuracies in your Personal Data.
  • You have the right to stop receiving unwanted direct marketing. 
  • You can also make a complaint about us to the Office of the Australian Information Commissioner if you think we have mishandled your Personal Data.

Children's privacy

Our Services are not directed to children under the age of 16 and we do not knowingly collect Personal Data from such children without parental consent, unless permitted by law. If you are under the age of 16, you must have your parent’s permission to use our AXP App or any of our services. If you learn that your child has provided us with Personal Data without your consent, you may contact us as described hereafter. If we become aware of the fact that a child under the age of 16 provided us with his/her Personal Data, we will delete this in accordance with applicable law.

Third-Party Websites

Our website and our AXP App contains links to other websites. If you follow a link, please note these websites will have their own Privacy Notices. We do not accept responsibility or liability for the Privacy Notices of third-party websites. Please check their privacy notices before submitting any Personal Data to these websites.

How to complain

You have the right to lodge a complaint with the relevant supervisory authority, if you believe we are infringing the applicable data protection legislation or you are concerned about the way in which we are handling your Personal Data. The supervisory authority in the UK is the Information Commissioner’s Office who can be contacted online at:

Contact us

If you wish to contact us in relation to this privacy notice or if you wish to exercise any of your rights outlined above, you may contact our VP Data and Support by post at Alliants Limited, Universal Marina, Crableck Lane, Sarisbury Green, Southampton, SO31 7ZN or by email at support@alliants.com.

If you are in the EU, please see below for the contact details of our EU representative.

EU Representative

We are based in the UK but, under the EU GDPR, we are required to appoint an EU representative.  The purpose of an EU representative is to make it easy for individuals located in the EU to contact us should they wish to exercise their rights or make a complaint or enquiry in relation to how we are processing their Personal Data. It is also a contact point for the supervisory authorities located in the EU.

If you’re based in the EU/EEA and wish to contact us via our GDPR Representative, DataRep, you may do so at:

  • alliants@datarep.com  
  • https://www.datarep.com/data-request/ 
  • Or by mailing the most convenient address from the list below. PLEASE NOTE: when mailing inquiries, it is ESSENTIAL that you mark your letters for ‘DataRep’ (EU Subjects) and not ‘Alliants’, or your inquiry may not reach DataRep.

Country

Address

Austria

DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria

Belgium

DataRep, Place de L'Université 16, Louvain-La-Neuve, Waals Brabant, 1348, Belgium

Bulgaria

DataRep, 132 Mimi Balkanska Str., Sofia, 1540, Bulgaria

Croatia

DataRep, Ground & 9th Floor, Hoto Tower, Savska cesta 32, Zagreb, 10000, Croatia

Cyprus

DataRep, Victory House, 205 Archbishop Makarios Avenue, Limassol, 3030, Cyprus

Czech Republic

DataRep, IQ Ostrava Ground floor, 28. rijna 3346/91, Ostrava-mesto, Moravska, Ostrava, Czech Republic

Denmark

DataRep, Lautruphøj 1-3, Ballerup, 2750, Denmark

Estonia

DataRep, 2nd Floor, Tornimae 5, Tallinn, 10145, Estonia

Finland

DataRep, Luna House, 5.krs, Mannerheimintie 12 B, Helsinki, 00100, Finland

France

DataRep, 72 rue de Lessard, Rouen, 76100, France

Germany

DataRep, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany

Greece

DataRep, 24 Lagoumitzi str, Athens, 17671, Greece

Hungary

DataRep, President Centre, Kálmán Imre utca 1, Budapest, 1054, Hungary

Iceland

DataRep, Kalkofnsvegur 2, 101 Reykjavík, Iceland

Ireland

DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland

Italy

DataRep, Viale Giorgio Ribotta 11, Piano 1, Rome, Lazio, 00144, Italy

Latvia

DataRep, 4th & 5th floors, 14 Terbatas Street, Riga, LV-1011, Latvia

Liechtenstein

DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria

Lithuania

DataRep, 44A Gedimino Avenue, 01110 Vilnius, Lithuania

Luxembourg

DataRep, BPM 335368, Banzelt 4 A, 6921, Roodt-sur-Syre, Luxembourg

Malta

DataRep, Tower Business Centre, 2nd floor, Tower Street, Swatar, BKR4013, Malta

Netherlands

DataRep, Cuserstraat 93, Floor 2 and 3, Amsterdam, 1081 CN, Netherlands

Norway

DataRep, C.J. Hambros Plass 2c, Oslo, 0164, Norway

Poland

DataRep, Budynek Fronton ul Kamienna 21, Krakow, 31-403, Poland

Portugal

DataRep, Torre de Monsanto, Rua Afonso Praça 30, 7th floor, Algès, Lisbon, 1495-061, Portugal

Romania

DataRep, 15 Piaţa Charles de Gaulle, nr. 1-T, Bucureşti, Sectorul 1, 011857, Romania

Slovakia

DataRep, Apollo Business Centre II, Block E / 9th floor, 4D Prievozska, Bratislava, 821 09, Slovakia

Slovenia

DataRep, Trg. Republike 3, Floor 3, Ljubljana, 1000, Slovenia

Spain

DataRep, Calle de Manzanares 4, Madrid, 28005, Spain

Sweden

DataRep, S:t Johannesgatan 2, 4th floor, Malmo, SE - 211 46, Sweden